Burp Suite Enterprise Edition is now available in our secure Cloud  –  Learn more
Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Enterprise Edition

Configuring platform authentication

  • Last updated: April 10, 2024

  • Read time: 2 Minutes

You can add authentication credentials for HTTP Basic and NTLM authentication. Configuring platform authentication enables Burp Scanner to automatically authenticate to destination web servers at the platform level.

You can add platform authentication credentials when you add or edit a site or folder:

  1. Under Scan settings, go to Authentication > Platform authentication.
  2. Click Add credentials.

  3. In the dialog, specify the platform authentication credentials:

    • Destination host - Enter the destination web server address that you want the rule to apply to, for example, ginandjuice.shop. Note that you cannot specify an HTTP protocol in this field. You can use wildcards: * matches zero or more characters, and ? matches any character except a dot.
    • Type - Choose from Basic, NTLM v1, or NTLM v2.
    • Username - Enter a username.
    • Password - Enter a password.
    • Domain - Only required for NTLM authentication. Enter your domain name.
    • Domain hostname - Only required for NTLM authentication. Enter the name of your domain server.
  4. Click Save.

The credentials are added to the list in the Platform authentication tab. Burp Scanner now automatically authenticates all traffic to the destination host.

To add additional credentials, click Add credentials, then follow the steps above. Burp uses the first credentials in the list that match the destination web server. This enables you to configure authentication for individual hosts, or disable platform authentication for a specific host.

To edit platform authentication credentials, click the edit icon .

To delete platform authentication credentials, click the trash icon .

Related pages

Was this article helpful?